Bitcoin and Crime

If you follow the cryptocurrency news, you would hardly feel any surprise when you read yet another statement that bitcoin regulation is mostly reasoned by the fact that it is prone to money laundering and terrorism financing.

Those statements pop up every now and then at a steady rate, even though some entities, like Europol or Her Majesty’s Treasury, both of which can hardly be suspected of being very keen of Bitcoin, state that there is very little evidence that any such actions have ever taken place. The very term, ‘little evidence’, is most likely diplomatic for ‘no evidence at all’, which certainly takes into account some other crimes involving Bitcoin, not all of which are known.

Anyway, even though terrorists don’t use bitcoin to finance their operations, and dishonest entrepreneurs prefer viable options like offshore registration and other tax evasion techniques, it would be also unreasonable to state that Bitcoin has nothing to do with crime. The history knows numerous instances when the cryptocurrency had been directly involved in unlawful activity.


Yes, that’s the most obvious one. It’s probably the first thing that comes to mind when you think about bitcoin-related crimes. It’s also the first thing you’d think about if you decide to commit a cybercrime involving ransom.

As everybody knows, ransomware encrypts files on the victim’s computer and then demands a ransom for a decryption key. The most successful ransomware to date is probably Cryptowall. In most cases, computer gets infected because of the user’s carelessness, who opens attachments in weird emails.

Windows computers are the most popular victims for malware, as the operating system is the world’s most popular. However, this year OS X has joined Windows in this company, when virus named KeRanger infiltrated then-new version of Transmission, a bittorrent client. Further behavior of the ransomware was similar to that of Windows-targeted: it encrypted user files and demanded a ransom to the tune of 1 BTC, possibly believing that Mac users are more likely to afford such amounts.

Notably, in 2015 Apple’s App Store fell victim of a massive attack performed with altered version of XCode named XCodeGhost. It infected upwards of 300 legal applications, including WeChat, Angry Birds 2, Baidu Music and Battle of Freedom.

In most cases, there are only two options for a user, and both of them hardly seem pleasant: either pay the ransom or format the disk drive and lose all data stored therein.

According to the report released by the FBI’s Internet Crime Complaint Center, Cryptowall is responsible for extorting money to the tune exceeding $18 million in 2014 and 2015 alone. Another organization, Cyber Threat Alliance, has also released a report stating that such attacks have deprived their victims of $325 million overall.

Alexander Gostev, leading antivirus expert at Kaspersky Lab, ransomware is that popular because of its business model’s simplicity. Currently, there even is so-called RaaS (ransomware as a service), a model implying that authors of a trojan program offer a share for distributing the malware.

According to Kaspersky Labs, nearly 50% of all internet users have met online scammers at least once. The number of mobile malware is also growing. In Q1 of 2016, the company has registered 14 times as high of those as compared to Q4 of 2015.

However, according to the company, only 3% of all instances somehow involved bitcoin. Most of them deal with good old fiat.

The problem of ransomware has become so vital, some companies offer dedicated anti-ransomware programs.


The next popular option for Bitcoin criminals is blackmail. The scheme here is pretty simple and obvious: there is a DDoS attack followed by a demand of ransom to cease it; or there is a theft of sensitive data again followed by a ransom demand.

Summer 2015, four New Jersey-based casinos received such demand after a massive DDoS attack. According to the state’s department of gambling industry, the attacks were two-phased, with the demand sent after the first one. However, nobody opted to pay the ransom.

Late 2015, a group of Russia-based cybercriminals blackmailed several Greek banks into sending them 750 BTC (around $266,000 at the time) to cease attacking their servers.

Also late 2015, British internet provider TalkTalk, with more than four million customers, fell victim of data thieves. The ransom amount comprised 80,000 pounds (nearly $123,000). The ‘or else’ part was in the threat to publish the sensitive data. And, most certainly, the aforementioned sum was requested in bitcoins.

Finally, early 2016, one of China’s biggest cryptocurrency exchanges BTCC fell victim to a massive DDoS attack, with the attackers demanding bitcoins to cease it. The amount of the ransom was rapidly increasing alongside with the attacker’s ferocity, however BTCC refused to pay anything and focused on improving the defense lines on their servers. Eventually, the attacker gave up.

The DDoS threat is apparently less efficient, as in this case the victim has opportunities to build up defences around the target servers and elsewhere, thus opposing the attack. Still, it remains one of the cybercriminals’ favorites, and not everyone may afford proper protection.

Extortion Beyond the Web

If you think that bitcoin extortionists are active only on the web, there are some bad news for you, sunshine.

Late 2014, a group of blackmailers threatened to spread Ebola across Czech Republic unless they are paid 1 million Euro worth of bitcoins. This act is considered the most cynical bitcoin-related crime so far. Back then, the world was expecting Ebola to go pandemic any moment, so the blackmailers sent a letter to a local television company stating they have biomaterials of an infected patient from Liberia. They threatened to start spreading the virus in public places unless the ransom is paid.

Another act of cynicism struck Connecticut in winter 2015, when several locals have been threatened by unknown individuals. They promised to kill those people and their loved ones unless — surprise, surprise — they pay bitcoins. Anonymous letters sent to those people were on paper, and sent from Austin, TX and Jacksonville, FL, and contained detailed instructions as to how to buy and transact bitcoins.

Summer 2015, a gang of Ukraine-based extortionists blackmailed major Russian retailers with call bombing. They notified the potential victim of possible business problems via e-mail or a phone call, and offered to pay bitcoins in advance to avoid any of those. The requested amounts varied from 60 to 150 BTC. However, even though Russia’s FSB tried to settle the problem, they couldn’t coordinate actions with their Ukrainian counterpart, the SBU, and eventually a private security company sent its employees to Ukraine. They managed to reason with the extortionists.


Finally, last year Ukraine became possibly the first country where bitcoins have been used to bribe voters. Some players, evidently involved in local elections, have used bitcoins converted into Ukraine’s national currency, hryvnias, to pay for votes.

Overall, they had bought in excess of 5,000 votes with bitcoins that had been converted to 4.3 million UAH (around $172,000). The actual amount was said to be well beyond that. Bitcoin in that case acted as an intermediary transaction medium: cryptocurrency was exchanged for hryvnias at online exchanges, and the bribed voters received a remittance in hryvnias to their plastic cards.

Attentive readers have probably noticed that all those crimes have one thing in common: they could easily be committed with cash instead of Bitcoin. Many cybercriminals mistakingly believe that Bitcoin will grant them anonymity, while it is general knowledge that it may provide only pseudonymity, and law enforcement agencies are capable of tracking down those responsible.

Bitcoin crime thrives under the same conditions that cash-based crime does. However, contrary to cash, which is pretty well regulated, there is — once again — very little evidence that Bitcoin is used for activities it is usually blamed for. Interestingly enough, no official speaker has ever accused Bitcoin of being money for extortionists and dirty politicians.

A coincidence? Fat chance.


Found a typo? Highlight text and press CTRL+ENTER

Subscribe to our Newsletter


Related posts